Business Email Compromise Warning!
In the last few weeks, we’ve noticed a significant increase in hacked email accounts, in what the IT industry calls a “Business Email Compromise.” In its most common form, the attacker will find a way to hack into your email account, will read and snoop on all your correspondence, and then use your account to impersonate you and scam your coworkers, clients, and business partners. PJ Networks has been rolling out additional protections to all of our customers, especially “multifactor authentication”, which can go a long way in stopping these attacks. However, the criminals do still have ways of bypassing these protections, and we expect the problem to get worse, not better. With that in mind, here are a few tips that we recommend you drill into your employees, that can help with preventing this kind of account hacking.
- If you are emailed a document that you did not directly expect, treat it with extra suspicion
Attackers try to send documents that look similar to ones you already handle or work with, and want to slip under the radar. - If someone sends you a document via Dropbox, ShareFile, or another system that they don’t normally use, don’t try to open it
- If someone sends you a document, and when you open it there’s a QR code or link to another website, don’t scan the code or follow the link
Often a document will even have text saying that you need to follow the link to “get permission” to open it, or something like that. - If you see anything suspicious about something that you get via email, don’t reply to the email. Instead, call the sender via phone to ask them about it
If an attacker is controlling the sender’s email, they’ll even respond to you and convince you to open the thing they sent. - If you get a screen that prompts you to “sign in”, especially signing into your email or Office 365 account, check to make sure it’s a legitimate site
Microsoft usually uses the website address “login.microsoftonline.com“, and anything else is very likely to be a scam. - If you suspect something is afoot, ask for help
We’d rather review 100 different suspicious emails, than have you get hacked and lose money
PJ Networks is continuing to explore more ways to keep you and your systems safe, but with the recent rise in cybercrime, staying vigilant is the best defense.
Let’s be careful out there!
The PJ Networks Team
